Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2019-08-28 CVE-2019-15753 Allocation of Resources Without Limits or Throttling vulnerability in Openstack Os-Vif 1.15.0/1.15.1/1.16.0
In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both impedes network performance and allows users to possibly view the content of packets for instances belonging to other tenants sharing the same network.
network
low complexity
openstack CWE-770
6.4
2019-08-26 CVE-2019-15544 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the protobuf crate before 2.6.0 for Rust.
network
low complexity
rust-protobuf-project apache CWE-770
7.5
2019-08-20 CVE-2019-4338 Allocation of Resources Without Limits or Throttling vulnerability in IBM Security Guardium BIG Data Intelligence 4.0
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or amount of resources that are requested or influenced by an actor.
network
low complexity
ibm CWE-770
7.5
2019-08-20 CVE-2019-11924 Allocation of Resources Without Limits or Throttling vulnerability in Facebook Fizz
A peer could send empty handshake fragments containing only padding which would be kept in memory until a full handshake was received, resulting in memory exhaustion.
network
low complexity
facebook CWE-770
7.8
2019-08-19 CVE-2019-15225 Allocation of Resources Without Limits or Throttling vulnerability in Envoyproxy Envoy
In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation.
network
low complexity
envoyproxy CWE-770
5.0
2019-08-15 CVE-2019-9012 Allocation of Resources Without Limits or Throttling vulnerability in Codesys products
An issue was discovered in 3S-Smart CODESYS V3 products.
network
low complexity
codesys CWE-770
7.5
2019-08-13 CVE-2019-9518 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service.
7.5
2019-08-13 CVE-2019-9517 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service.
7.5
2019-08-13 CVE-2019-9516 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service.
6.5
2019-08-13 CVE-2019-9515 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service.
7.5